Go to DBLP homepageTrojan Traffic Detection Based on Meta-learning
Abstract: At present, Trojan traffic detection technology based on machine learning generally needs a large number of traffic samples as the training set. In the real network environment, in the face of Zero-Day attack and Trojan variant technology, we may only get a small number of traffic samples in a short time, which can not meet the training requirements of the model. To solve this problem, this paper proposes a method of Trojan traffic detection using meta-learning for the first time, which mainly includes the embedded part and the relation part. In the embedding part, we design a neural network combining ResNet and BiLSTM to transform the original traffic into eigenvectors and allocate the meta tasks of each round of training in the form of a C-way K-shot. In the relation part, we design a relationship network improved by dynamic routing algorithm to calculate the relationship score between samples and categories in the meta-task. The model can learn the ability to calculate the difference between different types of samples on multiple meta-tasks. The model can use a small number of samples to complete training and classify quickly according to prior knowledge. In few-shot, our method has better results in Trojan traffic classification than the traditional deep learning method.
Loading